Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
EUVDB-ID: #VU63563
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28711
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63564
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28712
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63565
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28713
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63583
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28714
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. A remote user can use a UDP connection on a fast interface to trigger resource exhaustion and perform a denial of service (DoS) attack.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63584
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-28715
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. A remote user can use a UDP connection on a fast interface to trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63566
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-4135
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to simulated networking device driver for the Linux kernel does not properly initialize memory in certain situations. A local user can gain unauthorized access to sensitive information (kernel memory).
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61215
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-43976
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the mwifiex_usb_recv() function in drivers/net/wireless/marvell/mwifiex/usb.c in Linux kernel. An attacker with physical access to the system can insert a specially crafted USB device and perform a denial of service (DoS) attack.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU59100
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-44733
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to elevate privileges on the system.
The vulnerability exists due to a use-after-free error in the drivers/tee/tee_shm.c file within the TEE subsystem in the Linux kernel. A local user can trigger a race condition in tee_shm_get_from_id during an attempt to free a shared memory object and execute arbitrary code with elevated privileges.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU61579
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-45095
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a refcount leak within the pep_sock_accept() function in net/phonet/pep.c in the Linux kernel. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63568
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-45480
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __rds_conn_create() function in net/rds/connection.c. A local user can perform a denial of service attack.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61216
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0435
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the Linux kernel networking module for the Transparent Inter-Process Communication (TIPC) protocol. A remote unauthenticated attacker can send specially crafted traffic to the system, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system but requires that the TIPC bearer is set up.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61245
Risk: Low
CVSSv3.1: 7.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2022-0492
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a logic error within the cgroup_release_agent_write() function in kernel/cgroup/cgroup-v1.c. A local user can use the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation.
MitigationUpdate the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
EUVDB-ID: #VU61247
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0516
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in kvm_s390_guest_sida_op() function in the arch/s390/kvm/kvm-s390.c in KVM for s390 in the Linux kernel. A local user can trigger an out-of-bounds write and escalate privileges on the system.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 20.04
linux-image-lowlatency (Ubuntu package): before 5.4.0.105.109
linux-image-generic-lpae (Ubuntu package): before 5.4.0.105.109
linux-image-oracle-lts-20.04 (Ubuntu package): before 5.4.0.1067.67
linux-image-5.4.0-1069-aws (Ubuntu package): before 5.4.0-1069.73~18.04.1
linux-image-kvm (Ubuntu package): before 5.4.0.1059.58
linux-image-gke-5.4 (Ubuntu package): before 5.4.0.1066.76
linux-image-raspi (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-1067-oracle (Ubuntu package): before 5.4.0-1067.72~18.04.1
linux-image-gke (Ubuntu package): before 5.4.0.1066.76
linux-image-5.4.0-105-lowlatency (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-5.4.0-1056-raspi (Ubuntu package): before 5.4.0-1056.63~18.04.1
linux-image-raspi2 (Ubuntu package): before 5.4.0.1056.90
linux-image-5.4.0-105-generic (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-aws-lts-20.04 (Ubuntu package): before 5.4.0.1069.71
linux-image-ibm-lts-20.04 (Ubuntu package): before 5.4.0.1018.18
linux-image-gcp-lts-20.04 (Ubuntu package): before 5.4.0.1068.77
linux-image-gkeop-5.4 (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-1073-azure (Ubuntu package): before 5.4.0-1073.76~18.04.1
linux-image-5.4.0-1037-gkeop (Ubuntu package): before 5.4.0-1037.38~18.04.1
linux-image-azure-lts-20.04 (Ubuntu package): before 5.4.0.1073.71
linux-image-5.4.0-1066-gke (Ubuntu package): before 5.4.0-1066.69~18.04.1
linux-image-5.4.0-1068-gcp (Ubuntu package): before 5.4.0-1068.72~18.04.1
linux-image-5.4.0-1018-ibm (Ubuntu package): before 5.4.0-1018.20~18.04.1
linux-image-5.4.0-1059-kvm (Ubuntu package): before 5.4.0-1059.62
linux-image-oem-osp1 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-ibm (Ubuntu package): before 5.4.0.1018.35
linux-image-oem (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic (Ubuntu package): before 5.4.0.105.109
linux-image-virtual (Ubuntu package): before 5.4.0.105.109
linux-image-gkeop (Ubuntu package): before 5.4.0.1037.40
linux-image-5.4.0-105-generic-lpae (Ubuntu package): before 5.4.0-105.119~18.04.1
linux-image-gcp (Ubuntu package): before 5.4.0.1068.53
linux-image-raspi-hwe-18.04 (Ubuntu package): before 5.4.0.1056.58
linux-image-virtual-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-snapdragon-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-oracle (Ubuntu package): before 5.4.0.1067.72~18.04.46
linux-image-lowlatency-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-lpae-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-generic-hwe-18.04 (Ubuntu package): before 5.4.0.105.119~18.04.90
linux-image-azure (Ubuntu package): before 5.4.0.1073.52
linux-image-aws (Ubuntu package): before 5.4.0.1069.51
External linkshttp://ubuntu.com/security/notices/USN-5338-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.